Access Tokens

An access token authenticates you to TestGen's programmatic interfaces — the REST API and the MCP server. Each request carries the token in its Authorization header, and TestGen applies the permissions of the user the token belongs to.

There are two ways to obtain a token:

• Enterprise A personal access token is a single long-lived token you create in the TestGen UI and use directly. It is the quickest option and suits clients that accept a static token.
• An OAuth 2.1 client registers once, then exchanges a durable refresh token for short-lived access tokens on each run. It suits automation that should hold only short-lived credentials.

Related topics

• API Authentication — using a token with the REST API
• Set up the MCP Server — using a token with an AI client
• User Access — how roles govern what a token can do